getting invalid_credentials on laravel-passport-social-grant package

Question

Package used is the : https://github.com/coderello/laravel-passport-social-grant

I have followed all the expected changed with the tutorial provided at : https://medium.com/@hivokas/api-authentication-via-social-networks-for-your-laravel-application-d81cfc185e60

url :

http://myurl.com/oauth/token

output:

{
    "error": "invalid_credentials",
    "error_description": "The user credentials were incorrect.",
    "message": "The user credentials were incorrect."
}

parameter have used with the postman is as followed:

    grant_type' => 'social', // static 'social' value
        'client_id' => $clientId, // client id
        'client_secret' => $clientSecret, // client secret
        'provider' => $providerName, // name of provider (e.g., 'facebook', 'google' etc.)
        'access_token' => $providerAccessToken, // access token issued by specified provider
    ],

what can be the issue here ?

Answer 1

For Facebook you need to have the client_id and secret, in your services.php Code inside FacebookProvider of Socialite

protected function getUserByToken($token)
{
    $this->lastToken = $token;

    $params = [
        'access_token' => $token,
        'fields' => implode(',', $this->fields),
    ];

    if (! empty($this->clientSecret)) {
        $params['appsecret_proof'] = hash_hmac('sha256', $token, $this->clientSecret);
    }

    $response = $this->getHttpClient()->get($this->graphUrl.'/'.$this->version.'/me', [
        'headers' => [
            'Accept' => 'application/json',
        ],
        'query' => $params,
    ]);

    return json_decode($response->getBody(), true);
}

So, google kinda works without secret.